In July 2022, the French telecommunications company La Poste Mobile was the target of an attack by the LockBit ransomware which resulted in company data being published publicly. The impacted data included 533k unique email addresses along with names, physical addresses, phone numbers, dates of birth, genders, and banking information. 10 days after the attack, the La Poste Mobile website remained offline.
While the website was offline, it showed this message:
The Administrative and management services of La Poste Mobile fell victim, on Monday July 4, to a malicious ransomware-type virus.
As soon as we became aware of this incident, we took the necessary protective measures by immediately suspending the computer systems concerned.
This protective action has led us to temporarily close our website and our customer area. We are of course sorry that this may lead to an embarrasement for a few days in your relationship with La Poste Mobile.
Our IT teams are currently diagnosing the situation. Our first analyzes establish that our server essential to the operation of yoru mobile line have been well protected. On the other hand, it is possible that files present in the computers of La Poste Mobile employees have been affected. Some of them may contain personal data.
La Poste Mobile invites its customers to be vigilant, in particular by monitoring any attempt at phishing and/or identity theft, and will of course keep them informed of the lessons learned from the ongoing expert appraisals.
For any additional information concerting personal data and in connection with this event, you can contact La Poste Telecom customer service at the following address: firstname.lastname@example.org
If you find yourself in an emergency situation, such as loss or theft of your telephone, or the loss of certain services, we invite you to contact our customer service on 904 (905 for professional customers) from your La Poste Mobile line or on 0 970 808 660 (price of a call local).
Our teams are fully committed to resolving this situation as quickly as possible.
Troy Hunt covers the breach in his Weekly Update 304 starting at 4:55:
This may not be the end of the breach, as the data leak may have been broken into two parts, with the second one to be released later:
Summary of the breach
Accounts breached: 533886
Breached on: July 04, 2022
Exposed data: Bank account numbers, Dates of birth, Email addresses, Genders, Names, Phone numbers, and Physical addresses
Added on: July 14, 2022